DOM-based Cross-Site Scripting Vulnerability in Adobe Experience Manager
CVE-2026-47935
5.4MEDIUM
What is CVE-2026-47935?
Adobe Experience Manager versions 6.5.24 and earlier are susceptible to a DOM-based Cross-Site Scripting (XSS) flaw. This vulnerability allows attackers to manipulate the Document Object Model (DOM) to execute malicious JavaScript code in the context of a user's web browser. For exploitation, an unsuspecting user must visit a specially crafted webpage designed to trigger the XSS attack. Users are urged to upgrade their systems to mitigate this risk.
Affected Version(s)
Adobe Experience Manager 0 <= 2026.04